Забронировать новую Hyundai SONATA можно тут: bit.ly/2PpPrY0

Всем привет!

Мы в Португалии, на мысе Рока, самой западной точке континентальной Европы.

Уже неделю мы находимся в пути и снимаем новый сложносочиненный выпуск.

Один из самых грустных фактов про Россию звучит так: больше 50 процентов населения нашей страны никогда не были за границей.

Понятно, что основная причина – в том, что люди за пределами Москвы и еще пары городов живут очень скромно.

Но параллельно с этим уже много лет нам рассказывают, как же за пределами России плохо. Эмигранты, гей-парады, бездуховность – ну вы сами все знаете.

Наша позиция: путешествия – это неотъемлемая часть процветания и прогресса. Если ты видишь, как устроен чужой мир, тебе гораздо проще обустраивать мир собственный. Ну а если где-то действительно плохо, лучше узнавать об этом самому, а не по пламенным речам людей из телевизора.

Поэтому мы придумали следующее:
1. Выбрали очень классный и – важное – НЕпопсовый маршрут по Европе.
2. Взяли с собой человека, который не так искушен путешествиями, как мы.

Те, кто смотрел наш выпуск про Колыму, наверняка помнят Антоху – нашего водителя, очень яркого парня, который появился всего на пару минут, но покорил абсолютно всех. Антохе 33 года и он никогда не был за пределами стран бывшего Советского Союза.

Мы проехали почти 1500 километров от Страны Басков до Лиссабона – таким образом, чтобы Антоха, житель самого востока Евразии, оказался в самой западной ее точке.

У выпуска, который вы увидите, две задачи:

1. Интересно провести время

2. Показать, что мир – большой и классный. И гораздо лучше быть частью это мира, а не настороженно смотреть на него из-за забора.

Вперед!

канал Саши Вишневского bit.ly/38PlW9C

футболки «Мои кореша» от Дудя vdudvdud.ru/

5-й урок из курса «Программирование на Java для начинающих» в котором мы разберемся с тем, что такое поразрядные операции, побитовые сдвиги и как это работает.

Задавайте Ваши вопросы:
Я в VK — vk.com/id297086696
Я в FB — i2m.su/klotNf
Group VK — vk.com/codrob
Group FB — i2m.su/xRPlWf

Техносфера Mail.ru Group, МГУ им. М.В. Ломоносова.
Курс «Алгоритмы интеллектуальной обработки больших объемов данных», Лекция №1 — «Задачи Data Mining»
Лектор — Николай Анохин

Обзор задач Data Mining.
Стандартизация подхода к решению задач Data Mining.
Процесс CRISP-DM.
Виды данных.
Кластеризация, классификация, регрессия.
Понятие модели и алгоритма обучения.

Слайды лекции: www.slideshare.net/Technosphere1/lecture-1-47107550

Другие лекции курса Data Mining | www.youtube.com/playlist?list=PLrCZzMib1e9pyyrqknouMZbIPf4l3CwUP
Официальный сайт Технопарка | tech-mail.ru/
Официальный сайт Техносферы | sfera-mail.ru/
Технопарк в ВКонтакте | vk.com/tpmailru
Техносфера в ВКонтакте | vk.com/tsmailru
Блог на Хабре | habrahabr.ru/company/mailru/

#ТЕХНОПАРК
#ТЕХНОСФЕРА

x

Лекция «OSINT в расследовании киберинцидентов», @soxoj, DC7495 на конференции RuCTF 2019

Слайды: yadi.sk/i/kMuMGzMLgi69fw

Edited by Iwa: www.rozz.me

The rise in targeted eCrime attacks was a major focus of CrowdStrikes 2020 Global Threat Report. The OverWatch threat hunting team has continued to see this trend in 2020 as criminal adversaries evolve to capitalize on targeted tactics, particularly with intent to deploy ransomware. This presentation covers how these intrusions occur and what you should look for in your threat hunting to uncover them. Discussion will include details on the commands the adversaries are actually running to exploit their victims.

Attendees will learn:

— More about the current eCrime ecosystem
— Targeted eCrime techniques recently observed in the wild
— How to use threat hunting to discover eCrime actors before they accomplish their objectives

Speaker Bios

Katie Nickels

Katie is a SANS instructor for FOR578: Cyber Threat Intelligence and a Principal Intelligence Analyst for Red Canary. She has worked on cyber threat intelligence (CTI), network defense, and incident response for nearly a decade for the DoD, MITRE, Raytheon, and ManTech. Katie hails from a liberal arts background with degrees from Smith College and Georgetown University, embracing the power of applying liberal arts prowess to cybersecurity. With more than a dozen publications to her name, Katie has shared her expertise with presentations at Black Hat, multiple SANS Summits, Sp4rkcon, and many other events. Katie has also served as a co-chair of the SANS CTI Summit and FIRST CTI Symposium. She was the 2018 recipient of the Presidents Award from the Womens Society of Cyberjutsu and serves as the Program Manager for the Cyberjutsu Girls Academy, which seeks to inspire young women to learn more about STEM. You can find Katie on Twitter @LiketheCoins

Karl Scheuerman

Karl is a Senior Strategic Intrusion Analyst on CrowdStrike’s OverWatch threat hunting team. Previously, he led threat intelligence programs for the Department of Energy. Karl began his career as an Air Force officer and he continues to serve in the Air National Guard as commander of a threat intelligence squadron. He holds multiple SANS certifications, a Bachelor of Science degree from the U.S. Air Force Academy, and a Master of Public Policy degree from the University of Maryland, College Park. You can follow him on Twitter at @KarlScheuerman.

Jason Wood

Jason is a Senior Researcher on CrowdStrike’s OverWatch threat hunting team. He has worked as a threat hunter, penetration tester, consultant, trainer, security engineer and systems administrator. Jason is involved in the security community through podcasting and speaking at conferences. You can find him every week on Security Weekly News and the InfoSec Career Podcast. Jason is also an instructor for SANS SEC504, Hacker Tools, Techniques, Exploits, and Incident Handling. He holds a bachelors degree in Computer Science and the GCIH certification.

Dragos VP of Threat Intelligence, Sergio Caltagirone, co-hosted with Dave Bittner from Cyberwire, discusses threat intelligence as part of a cybersecurity strategy to help organizations reduce risk by improving detection, response, and prevention of secure critical infrastructure.
Topics covered:
— What is threat intelligence and why you need it
— How threat intelligence can reduce your organization’s risk profile
— Vulnerable industrial assets that need protection
— Highlights from major cyber risks impacting Oil and Gas and Utilities

Jessica Lee, a cyber threat intelligence analyst, works to protect the information and technology assets in every single country where Chevron does business.

Threat actors are not magic and there is not an unlimited, unique list of threats for every organization. Enterprises face similar threats from similar threat sources and threat actors – so why does every organization need to perform completely unique risk assessments and prioritized control decisions? This presentation will show how specific, community-driven threat models can be used to prioritize an organization’s defenses – without all the confusion. In this
presentation James Tarala will present a new, open, community-driven threat model that can be used by any industry to evaluate the risk that faces them. Then he will show how to practically
use this model to prioritize enterprise defense and map to existing compliance requirements facing organizations today. Whether you are in the Department of Defense or work for a small mom-and-pop retailer, you will be able to use this model to specifically determine a prioritized defense for your organization.

James Tarala, Principal Consultant, Enclave Security; Senior Instructor, SANS Institute

James Tarala is a principal consultant with Enclave Security and is based out of Venice, Florida. He is a regular speaker and senior instructor with the SANS Institute as well as a courseware author and editor for many SANS auditing and security courses. As a consultant, he has spent the past few years architecting large enterprise IT security and infrastructure architectures, specifically working with many Microsoft-based directory services, e-mail, terminal services, and wireless technologies. He has also spent a large amount of time consulting with organizations to assist them in their security management, operational practices, and regulatory compliance issues, and he often performs independent security audits and assists internal audit groups in developing their internal audit programs. James completed his undergraduate studies at Philadelphia Biblical University and his graduate work at the University of Maryland. He holds numerous professional certifications.

ATTEND THE 2017 THREAT HUNTING SUMMIT: dfir.to/ThreatHunting2017

SANS THREAT HUNTING AND INCIDENT RESPONSE COURSES
FOR508: Digital Forensics, Incident Response,

Продолжаем рассматривать инструменты операционной системы Buscador. Удачные и неудачные программы. Рассматриваем, как должны работать программы на самом деле.

Every single day we use search engines to look for things on the internet. Defenders research a domain or IP that contains malware. Attackers look for email addresses for an upcoming phishing campaign. DFIR people examine locations and usernames that they acquired from a subjects computer. Policy and compliance people examine the risk that employees in their organizations might bring to work. Recruiters scour the internet looking for candidates. And «normal people» shop, date, geolocate, post, tweet, and otherwise send a huge amount of data to the public internet. While search engines harvest, store, and index billions of web site data points every day, there is much they do not contain. These pieces of OSINT data can, when put in perspective and analyzed, reveal target geolocations, friends and associates, alcohol consumption, user passwords, and more. This talk will be a series of hands on, live demos where we put our OSINT skills to work in unconventional places to harvest this unindexed OSINT data. Using free web sites, built in web browser tools, and free python scripts, Micah will show attendees how to harvest data from social media applications, the «whois» system, and from breach data that will not appear in search engine results. Students will gain a better understanding of JSON, APIs, reverse whois, and how to run python tools. Come join Micah as he examines how to move beyond «Googling it» in your personal and professional lives.

Speaker Bio
Micah Hoffman has been active in the information technology field since 1998, working with federal government, commercial, and internal customers to discover and quantify cybersecurity weaknesses within their organizations. As a highly active member of the cybersecurity and OSINT communities, Micah uses his real-world Open-Source Intelligence (OSINT), penetration testing, and incident response experience to provide customized solutions to his customers and comprehensive instruction to his students.

Over the years, Micah has conducted cyber-related tasks like penetration testing, OSINT investigations, APT hunting, and risk assessments for government, internal, and commercial customers. Micahs SANS coursework, cybersecurity expertise, and inherent love of teaching eventually pulled him toward an instructional role, and hes been a SANS Certified Instructor since 2013. Hes the author of the SANS course SEC487: Open Source Intelligence Gathering and Analysis, and also teaches both SEC542: Web App Penetration Testing and Ethical Hacking and SEC567: Social Engineering for Penetration Testers.